okihkb

(1)

00:02:54

last save: 2016-05-20 11:14:47 last save: 2016-05-20 11:14:47 1.

1. It is possible to create an encrypted PPPoE tunnel in RouterOS: It is possible to create an encrypted PPPoE tunnel in RouterOS:

true true 2.

2._{How long is level 1 (free) license valid?}_{How long is level 1 (free) license valid?}

A. 1 year A. 1 year B. Infinite time B. Infinite time C. 24 hours C. 24 hours D. 1 month D. 1 month 3.

3._{Which type of encryption could be used to establish a connection with a simple passkey without using a}_{Which type of encryption could be used to establish a connection with a simple passkey without using a}

802.1X authentication server? 802.1X authentication server?

A. WPA PSK/

A. WPA PSK/WPA2 PSKWPA2 PSK B. WPA EAP/WPA2 EAP B. WPA EAP/WPA2 EAP

4.

4._{What is the minimal possible wireless configuration to create an Access Point?}_{What is the minimal possible wireless configuration to create an Access Point?}

A. radio name A. radio name

B. scan-list B. scan-list C. frequency C. frequency D. band D. band E. ssid E. ssid F. DFS mode F. DFS mode G. WDS G. WDS H. mode H. mode 5.

5. Which port does PPTP use by default? Which port does PPTP use by default? A. TCP 1721 A. TCP 1721 B. UDP 1721 B. UDP 1721 C. TCP 1723 C. TCP 1723 D. UDP 1723 D. UDP 1723 6.

6. Mark all correct answers Mark all correct answers

A. /ip firew

A. /ip firewall filter allowall filter allows to deny authenticas to deny authentication to APtion to AP

B. Wireless access-list could allow and deny connect to your AP B. Wireless access-list could allow and deny connect to your AP

C. Default-Forwarding could be enabled for a specific clients by wireless access-list C. Default-Forwarding could be enabled for a specific clients by wireless access-list D. The only way to prevent wireless clients connections - disable wireless interface D. The only way to prevent wireless clients connections - disable wireless interface

7.

7._{You want to use PCQ and allow 256k maximum download and upload for each client. Choose correct}_{You want to use PCQ and allow 256k maximum download and upload for each client. Choose correct}

argument values for the required queue. argument values for the required queue.

A. kind=pcq pc

A. kind=pcq pcq-rate=5000000 pcq-rate=5000000 pcq-classifierq-classifier=dst-address=dst-address B.

(2)

C. kind=pcq pcq-rate=5000000 pcq-classifier=src-address C. kind=pcq pcq-rate=5000000 pcq-classifier=src-address D. kind=pcq pcq-rate=256000 pcq-classifier=dst-address D. kind=pcq pcq-rate=256000 pcq-classifier=dst-address E.

E. kind=pcq kind=pcq pcq-rate=256pcq-rate=256000 000 pcq-classifipcq-classifier=src-addrer=src-addressess

8.

8._{To connect your MikroTik router to a wireless access point, you have to:}_{To connect your MikroTik router to a wireless access point, you have to:}

A. Use the sa

A. Use the same SSID as on acme SSID as on accesspointcesspoint B. Use the same Radio Name

B. Use the same Radio Name

C. Use the same Band (5 GHz, 2.4 GHz, ...) C. Use the same Band (5 GHz, 2.4 GHz, ...)

9.

9._{Firewall NAT rules process only the first packet of each connection.}_{Firewall NAT rules process only the first packet of each connection.} false

false 10.

10. In which situations Netinstall can not be used to install RouterOS on a RouterBOARD? In which situations Netinstall can not be used to install RouterOS on a RouterBOARD? A. The router

A. The router is connected onlis connected only to a seconday to a secondary Ethernet portry Ethernet port B. The router does not have an operating system

B. The router does not have an operating system C. The password of the router is not known C. The password of the router is not known

D. The router is connected only to a wireless network D. The router is connected only to a wireless network

11.

11. For static routing functionality, additionally to the RouterOS 'system' package, you will also need the For static routing functionality, additionally to the RouterOS 'system' package, you will also need the following software package:

following software package: A. advanced-too

A. advanced-toolsls B. routing

B. routing

C. no extra package required C. no extra package required D. dhcp

D. dhcp

12.

12._{When adding a static route, you must always ensure that you add both the gateway and the interface.}_{When adding a static route, you must always ensure that you add both the gateway and the interface.}

false false 13.

13. Bridging loops can be avoided by enabling: Bridging loops can be avoided by enabling: A. RSTP pro

A. RSTP protocoltocol B. STP protocol B. STP protocol C. Connection tracking C. Connection tracking D. UDP filter D. UDP filter E. ICMP filter E. ICMP filter 14.

14. Netinstall can be used to Netinstall can be used to A. Keep configura

A. Keep configuration, but reset a tion, but reset a lost admin paslost admin passwordsword B. Reinstall software without losing licence

B. Reinstall software without losing licence C. Install different software version (upgrade or

C. Install different software version (upgrade or downgrade)downgrade) D. Install package for

D. Install package for different hardware architecturedifferent hardware architecture

15.

(3)

A.

A. Allow/deny use of more than one login by this user Allow/deny use of more than one login by this user B. Allow login by PPPoE and PPTP, but deny login by L2TP B. Allow login by PPPoE and PPTP, but deny login by L2TP C. Set max values for transferred data (Rx/Tx)

C. Set max values for transferred data (Rx/Tx) D. Allow only PPPoE login

D. Allow only PPPoE login

E. Deny services (like telnet) only for this user or for one group of users E. Deny services (like telnet) only for this user or for one group of users

16.

16. What is necessary for PPPoE client configuration? What is necessary for PPPoE client configuration? A. Interface (o

A. Interface (on which PPPon which PPPoE client is going E client is going to work)to work) B. Static IP address on

B. Static IP address on PPPoE client interfacePPPoE client interface C. ip firewall nat masquerade rule

C. ip firewall nat masquerade rule

17.

17._{Evaluate the following information:}_{Evaluate the following information:}

Access Point

Access Point configuration:configuration: -- wlan1 is in 'AP-Bridge' mode -- wlan1 is in 'AP-Bridge' mode

-- Bridge1 has wlan1 and ether1 as ports -- Bridge1 has wlan1 and ether1 as ports CPE configuration:

CPE configuration:

-- wlan1 is in 'Station-Bridge' mode -- wlan1 is in 'Station-Bridge' mode -- Bridge1 has wlan1 and ether1 as ports -- Bridge1 has wlan1 and ether1 as ports

Select protocols that will pass from ether1 on the CPE to ether1 on the Access Point. Select protocols that will pass from ether1 on the CPE to ether1 on the Access Point.

A. IPv4 A. IPv4 B. ARP B. ARP C. USB C. USB D. BGP D. BGP E. Firewire E. Firewire F. IPv6 F. IPv6 G. DHCP G. DHCP H. PPPoE H. PPPoE 18.

18. Mark all packages required for PPPoE server on MikroTik RouterOS Mark all packages required for PPPoE server on MikroTik RouterOS A. ppp A. ppp B. B. user-manageuser-managerr C. radius C. radius D. synchronous D. synchronous E. system E. system 19.

19. Action=redirect applies to Action=redirect applies to

A. Firewa

A. Firewall Filter rulll Filter ruleses B. DST-NAT rules B. DST-NAT rules C. Route rules C. Route rules D. SRC-NAT rules D. SRC-NAT rules

(4)

20.

20. One host on an internal network is accessing an external web page through a MikroTik router that is doing One host on an internal network is accessing an external web page through a MikroTik router that is doing source NAT. Select correct statement about the packets that flow from that web page to the host ?

source NAT. Select correct statement about the packets that flow from that web page to the host ? A. Packets go

A. Packets go through the output cthrough the output chainhain B. Packets go through the

B. Packets go through the forward chainforward chain C. Packets go through the

C. Packets go through the input chain before the routing decision and after input chain before the routing decision and after that through output chainthat through output chain D. Packets go through the input

D. Packets go through the input chainchain

21.

21. When viewing the routes in Winbox, some routes will show "DAC" in the first column. These flags mean: When viewing the routes in Winbox, some routes will show "DAC" in the first column. These flags mean:

A. Dynamic,

A. Dynamic, Active, ConneActive, Connectedcted B. Direct, Available,

B. Direct, Available, ConnectedConnected C. Dynamic, Active,

C. Dynamic, Active, ConsoleConsole D. Dynamic, Available, Created D. Dynamic, Available, Created

22.

22. Simple Queue number 0 defines 2M for upload and download for target IP 10.10.0.33. Simple Queue number 0 defines 2M for upload and download for target IP 10.10.0.33. Simple Queue number 1 defines 4M for upload

Simple Queue number 1 defines 4M for upload and download for target IP and download for target IP 10.10.0.33. Client 10.10.0.33 is be10.10.0.33. Client 10.10.0.33 is be able to obtain

able to obtain

A. 0M upload/dow A. 0M upload/downloadnload

B. 6M

B. 6M upload/dowupload/downloadnload C. 4M

C. 4M upload/downupload/downloadload D. 2M

D. 2M upload/downupload/downloadload

23.

23._{The total-max-limit under Simple Queues will limit the combined upload and download of the target-}_{The total-max-limit under Simple Queues will limit the combined upload and download of the}

target-address of your simple queue. address of your simple queue.

true true 24.

24._{To be able to do NAT, the connection tracking does not need to be enabled.}_{To be able to do NAT, the connection tracking does not need to be enabled.} true

true 25.

25._{Which of}_{Which of the following Routes statuses are possible?}_{the following Routes statuses are possible?}

A. S = Static A. S = Static B. C = Connected B. C = Connected C. A = Active C. A = Active D. D = Drop D. D = Drop

(5)

1.

_{When setting "Frequency Mode" value}

_{When setting "Frequency Mode" value to Regulatory Domain, and setting "country",}

_{to Regulatory Domain, and setting "country",}

this changes the available frequencies and power output

this changes the available frequencies and power output levels available for selection to

levels available for selection to

only those allowed for the selected country?

true true

2.

_{You want to use}

_{You want to use PCQ and allow 256k maximum download and}

_{PCQ and allow 256k maximum download and upload for each client.}

_{upload for each client.}

Choose correct argument values for the required queue.

A. kind=pcq pcq-rate=5000000

pcq-classifier=src-address

address

B. kind=pcq pcq-rate=1256000

pcq-classifier=dst-address

address

C. kind=pcq pcq-rate=256000

pcq-classifier=dst-address

address

D. kind=pcq pcq-rate=256000

pcq-classifier=src-address

address

E. kind=pcq pcq-rate=5000000

pcq-classifier=dst-address

address

3.

_{What is necessary for PPPoE client}

_{What is necessary for PPPoE client configuration?}

_{configuration?}

A. Interface (on which PPPoE client is going to

work)

B. Static IP address on PPPoE client interface

C. ip firewall nat masquerade rule

4.

_{Which port does PPTP use by default?}

A. UDP 1723

B. TCP 1723

C. UDP 1721

D. TCP 1721

5.

_{To be able to do NAT the connection tracking does not need to be enabled.}

true true

6.

_{Is it possible to l}

_{Is it possible to limit how many clients are able to}

_{imit how many clients are able to connect to an access point?}

_{connect to an access point?}

A. Yes

B. No it's not possible at all

C. Yes, but only with access-lists

7.

_{Which are necessary sections in /queue simple to}

_{Which are necessary sections in /queue simple to set bandwidth limitation?}

_{set bandwidth limitation?}

A. target-address, dst-address, max-limit

B. target-address, max-limit

C. max-limit

D. target-address, dst-address

(6)

8.

_{For static routing functionality, additionally to the RouterOS 'sy}

_{For static routing functionality, additionally to the RouterOS 'sy stem' package, you will}

_{stem' package, you will}

also need the following software package:

A. no extra package required

B. routing

C. advanced-tools

D. dhcp

9.

_{You want to transfer existing '/ip firewall filter' configuration from one router to a new}

system. Choose the best possible way to do:

A. Export global configuration and remove

everything apart from '/ip firewall filter'

B. Create backup only of '/ip firewall filter' rules

C. Export only '/ip firewall filter'

D. Create backup, edit backup file and restore on

target router

10.

_{The total-max-limit under Simple Queues will limit}

_{The total-max-limit under Simple Queues will limit the combined upload and}

_{the combined upload and}

download of the target-address of your simple queue.

true true

11.

_{What is the minimal possible}

_{What is the minimal possible wireless configuration to create an Access Point?}

_{wireless configuration to create an Access Point?}

A. mode

B. scan-list

C. DFS mode

D. WDS

E. radio name

F. ssid

G. frequency

H. band

12.

_{Which configuration menu should you use to change router's Winbox default port?}

A. /ip service

B. /ip firewall filter

C. /ip firewall service-ports

D. /system resource

13.

_{There can be more than one PPPoE server in a single broadcast domain:}

true true

14.

_{Consider the following di}

_{Consider the following diagram. We want to communicate from a device on}

_{agram. We want to communicate from a device on LAN1 to}

_{LAN1 to}

a device on LAN2. Assuming

a device on LAN2. Assuming that all necessary configurations are already included on

that all necessary configurations are already included on

R2, which of the following configurations in

(7)

A. /ip route add dst-address=0.0.0.0/0

gateway=192.168.99.2

B. /ip route add dst-address=192.168.0.0/24

gateway=192.168.0.1

C. /ip route add dst-address=0.0.0.0/0

gateway=Ether1

D. /ip route add dst-address=192.168.1.0/24

src-address=192.168.0.0/24 gateway=192.168.99.2

address=192.168.0.0/24 gateway=192.168.99.2

E. /ip route add dst-address=192.168.1.0/24

gateway=192.168.99.2

15.

_{Which following option(s) is/are considered as good practice when dealing with}

rogue DHCP servers?

A. Use the DHCP Server alert system

B. Input on CLI '/ip dhcp-server authoritative=yes'

C. Enable 'Always Broadcast' option

D. Enable 'Add ARP for Leases' option

E. Use only static leases

16.

_{For user in}

_{For user in local PPP Secrets/PPP Profiles database, it is possible to}

_{local PPP Secrets/PPP Profiles database, it is possible to}

A. Set max values for transferred data (Rx/Tx)

B. Deny services (like telnet) only for this user or for

one group of users

C. Allow login by PPPoE and PPTP, but deny login

by L2TP

D. Allow/deny use of more than one login by this

user

E. Allow only PPPoE login

17.

_{What is the correct action for a NAT rule on a router that should intercept SMTP}

traffic and send it over to a specified mail server?

A. dst-nat

B. passthrough

C. redirect

D. tarpit

18.

_{What does the firewall}

_{What does the firewall action "Redirect" do? Select all true statements.}

_{action "Redirect" do? Select all true statements.}

A. Redirects a packet to a specified IP

B. Redirects a packet to a specified port on the

router

(8)

C. Redirects a packet to a specified port on a host

in the network

D. Redirects a packet to the router

19.

_{When sending out an ARP request, an IP host is expecting what kind of address for}

an answer?

A. IP address

B. VLAN ID

C. 802.11g

D. MAC Address

20.

_{Mark correct statement.}

A. Backup files are editable

B. Backup files are not editable

C. Export files are not editable

21.

_{When using routing option 'check-gateway=ping' what is the ICMP echo request}

interval (in seconds)?

A. 20s

B. 60s

C. 10s

D. 30s

22.

_{Which of the protocols below is used by Netinstall?}

A. bootp

B. arp

C. dhcp

D. rarp

23.

_{By default info, error and warning messages are logged into memory of your}

RouterOS device. You can add logging of visited web-pages and other message topics

true true

24.

_{Which of the following would}

_{Which of the following would prevent unknown clients from connecting to your AP?}

_{prevent unknown clients from connecting to your AP?}

Choose the BEST answer.

A. Uncheck "Default Authenticate" in the wireless

card configuration, and add each known client's MAC

address to your access-list configuration ensuring that

you enable "authenticate" in the entry

B. Configure the radius server under "/radius"

C. Uncheck "Default Authenticate" in the

C. Uncheck "Default Authenticate" in the wireless

wireless

card configuration, and add each known client's MAC

(9)

address to your connect-list configuration

D. Check the "Do not permit unknown client" box in

the wireless configuration

E. Add each known client's MAC address to your

access-list configuration is the only step needed

25.